The Why?

By Tracey Edwards

As a senior leader in one of Australia’s top 4 financial institutions, with no personal connection or significant understanding of autism, why implement a neurodiversity program?

Let’s start with the key items that all technology leaders understand and base their strategic decisions around:

• Australia spent approximately $5.6 billion on cybersecurity in 2020, with demand expected to reach $7.6 billion by 2024.
• Security breaches increased by ~67% in the past 5 years.
• Ransomware attacks occur every 14 seconds, up from every 40 seconds in 2016.
• The cost of ransomware attacks worldwide is estimated to go beyond $265 billion in the next decade, $20 billion just this year alone, that is a 57x jump from 2015.

So, with multi-billion-dollar reasons to focus on how we address these frightening risks, there should be no doubt that a range of tactics are required, from technology to people power.

What is diversity today:

In 2021 it is accepted by most that diversity is critical in the workforce and needs to be factored into our recruiting and retention of talent. The benefits of diversity are well known and documented, although not always understood, with employers simply wanting to hire the best people for their organisations and this equates to diversity amongst: problem solving, creative thinking and analytical capabilities. Cybersecurity in particular, is in urgent need of talent. The growing demand for new talent along with the ever-increasing competition for resources in the IT and cybersecurity industry is intense and throwing dollars at the same talent pool has its limitations for any organisation. To achieve true competitive advantage in the IT and cybersecurity world, it is essential to have a diversity of thinking and culture within teams and the broader organisation.

There is not one single skillset, or characteristic, that makes up the magic equation of “best people” for a role or an organisation. Skills in themselves are easy to define, whether they be technical, communication or critical thinking. Diversity, however, can be far more challenging to define and subsequently to translate and embed into traditional recruitment channels, particularly without the stigma of hiring for what can be seen as all the wrong reasons.

The characteristics of many people on the autism spectrum make them well suited to the IT and the cybersecurity realm, particularly individuals working in the cybersecurity arena need to look at things from a unique perspective, so creativity of thought is critical. Recognising patterns, solving difficult problems, and enjoying and thriving in routine-based environments is also important. In addition, some of the work can be repetitive involving large quantities of data, so attention to detail and an ability to sustain superior focus for long periods is also crucial. Other typical traits that we value yet are challenging to assess, are honesty and loyalty and these are traits that most of us value in all aspects of our lives.

Benefits:

All the research and data points are purely theoretical until put into practice. It was in 2018 when all my research and homework on why we should employ a diverse workforce, targeting neurodiverse talent specifically, was put to the test. Investing in a multi-year, multi-million-dollar program to recruit a neurodiverse cohort of employees in a cybersecurity team was put into action.

By Day 30, our teams had overcome any trepidation they felt, and a sense of pride took its place. Pride of working in an organisation that values and respects differences and provides an environment where these individual traits and backgrounds are celebrated. To illustrate the impact to the employees’ sentiment, there was a significant improvement in organisational employee engagement scores, where the team achieved the highest engagement score of the business unit. This significant emotional commitment translates into engaged employees who care about their work and their organisation, where they don’t work just for a paycheck, but work on behalf of the organization’s goals.

By Day 90, the neurodiverse cohort had increased the productivity of the team by 26%. This in itself is impressive, however, when you consider the fact that these employees had minimal or in some cases, zero experience in cybersecurity or working in a large financial institution, this impact is truly inspirational.

Day 120 and the neurodiverse cohort is fully functional within the security team and a number of the cohort had successfully gained employment outside of their starter team and leveraged their capabilities to secure positions in a variety of roles, demonstrating their value to the broader organisation and their personal resilience to build meaningful careers.

More important than the many organisational benefits experienced through the successful introduction of a neurodiverse talent pool, was the impact to the lives of the cohort themselves who were involved. The level of pride and confidence that comes with having a meaningful career where your skills and traits are truly valued, cannot be underestimated, along with the financial stability a career provides, changes lives in a meaningful and long-term way.

Summary:

A final word to sum up “The Why” an organisation must place diversity at its core when recruiting talent, because it makes solid business sense when calculating return on investment, and simply because it is the right thing to do!